1. Field of the Invention
Example embodiments of the present invention generally relate to cryptographic apparatuses and methods. More particularly, example embodiments of the present invention relate to scalar multiplication apparatuses and methods of using the same.
2. Description of the Related Art
To solve problems associated with modem confidential data communications, for example, satisfy continuous growing performance requirements hardware, cryptographic systems based on well-known crypto-algorithms may used. Crypto-algorithms, public key algorithms, such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC), and symmetric key algorithms, such as Data Encryption Standard (DES) and Advanced Encryption Standard (AES), are well known.
However, in addition to hardware-oriented crypto-systems, new crypto-analysis methods such as Side-Channel Analysis (SCA) have been developed. There may be several different techniques of attacks, including Timing Analysis, Power Analysis, Electro-Magnetic Analysis, and Different Faults Analysis (DFA). These techniques may successfully attack the crypto-systems and obtain secret keys with less time and effort.
Accordingly, counter-measurements against the crypto-analysis methods such as SCA have developed. An example of SCA technique is DFA.
FIG. 1 is a block diagram of a conventional art cryptographic apparatus 100. Referring to FIG. 1, the cryptographic apparatus 100 may include a scalar multiplication unit 110 including parallel EC operation units 120 and 130, and a comparing and outputting unit 140. For several operations each of the EC operation units 120 and 130 may generate encrypted final output points Q1 and Q2 by performing a scalar multiplication operation of a previous point and a secret key according to an (Elliptic Curve Cryptography (ECC) algorithm. The comparing and outputting unit 140 may determine whether the output points Q1 and Q2 are the same, transmits any one of the output points Q to a post-processor if they are the same, and does not output the encrypted output points if they are not the same. That is, if a fault occurs during the scalar multiplication operation for the encryption, the encrypted output points generated by the ECC operation units 120 and 130 may be different from each other. The encrypted output points may not be transmitted to the post-processor in order to prevent a leak of confidential information.
For a crypto-system such as a smart card system including the conventional art cryptographic apparatus 100, a cryptanalyst (attacker) may deliberately generate a fault, such as power glitches, electromagnetic influences or optical influences, during the scalar multiplication computation, generate the same encrypted output points as that generated by the parallel EC operation units 120 and 130, and may analyze faulty output points and obtain a secret key used by the system. An attacker may easily obtain confidential information in the conventional cryptographic methods by simply checking output points encrypted in parallel. In addition, it is known that the conventional art cryptographic methods may be weak to counter a Sign Change Fault (SCF) attack against a Non-Adjacent Form (NAF)-based scalar multiplication algorithm.